www.gluecksmariechen.de Open in urlscan Pro
83.138.87.169 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.gluecksmariechen.jupiter.martiniwerbeagentur.de/
Effective URL:
https://www.gluecksmariechen.de/
Submission Tags: krdprod
Submission: On September 21 via api (September 21st 2021, 3:49:00 pm UTC) from JP — Scanned from DE

Summary HTTP 57 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 57 HTTP transactions. The main IP is 83.138.87.169, located in Germany and belongs to HOSTNET-DE-AS, DE. The main domain is www.gluecksmariechen.de.
TLS certificate: Issued by R3 on September 21st 2021. Valid for: 3 months.

This is the only time www.gluecksmariechen.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 39	83.138.87.169 83.138.87.169	34895 (HOSTNET-D...) (HOSTNET-DE-AS)
5	2606:4700::68... 2606:4700::6811:e04e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	151.101.193.35 151.101.193.35	54113 (FASTLY) (FASTLY)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
57	8

39 83.138.87.169 (Germany) 1 redirects

ASN34895 (HOSTNET-DE-AS, DE)
PTR: zuyale.han-solo.net

www.gluecksmariechen.jupiter.martiniwerbeagentur.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gluecksmariechen.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.jupiter.martiniwerbeagentur.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:e04e (United States)

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	gluecksmariechen.de www.gluecksmariechen.de	2 MB
9	paypal.com www.paypal.com t.paypal.com	176 KB
5	fonts.net fast.fonts.net	204 KB
3	martiniwerbeagentur.de 1 redirects www.gluecksmariechen.jupiter.martiniwerbeagentur.de analytics.jupiter.martiniwerbeagentur.de	24 KB
2	facebook.com www.facebook.com	414 B
2	facebook.net connect.facebook.net	114 KB
1	paypalobjects.com www.paypalobjects.com	19 KB
57	7

	Domain	Requested by
36	www.gluecksmariechen.de	www.gluecksmariechen.de
8	www.paypal.com	www.gluecksmariechen.de www.paypal.com
5	fast.fonts.net	www.gluecksmariechen.de fast.fonts.net
2	www.facebook.com	www.gluecksmariechen.de
2	analytics.jupiter.martiniwerbeagentur.de	www.gluecksmariechen.de
2	connect.facebook.net	www.gluecksmariechen.de connect.facebook.net
1	www.paypalobjects.com	www.paypal.com
1	t.paypal.com	www.gluecksmariechen.de
1	www.gluecksmariechen.jupiter.martiniwerbeagentur.de	1 redirects
57	9

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
gluecksmariechen.com R3	`2021-09-21` - `2021-12-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-06` - `2022-07-05`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-07-07` - `2022-03-15`	8 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
analytics.jupiter.martiniwerbeagentur.de R3	`2021-08-29` - `2021-11-27`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-11-17` - `2021-11-21`	a year	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2021-04-29` - `2021-12-13`	8 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.gluecksmariechen.de/
Frame ID: 412B4116B4A2D90D8C4B00C9B027B99D
Requests: 50 HTTP requests in this frame

Frame: https://www.gluecksmariechen.de/widgets/index/refreshStatistic?requestPage=%2F&requestController=index
Frame ID: 56DE9600410C8DDF882DCD74A9D7E892
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/smart/message?currency=EUR&amount=0&style=%7B%22layout%22%3A%22flex%22%2C%22color%22%3A%22blue%22%2C%22ratio%22%3A%221x1%22%2C%22logo%22%3A%7B%22type%22%3A%22primary%22%7D%2C%22text%22%3A%7B%22color%22%3A%22black%22%7D%7D&client_id=Ac5rNCVocwpIwp9dagau1Vis2WGsCPeh-g1D1Nhoj65Yijb6KOLHeGljTG3uuy5ajRYP6XFq_8N2Md8G&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWM1ck5DVm9jd3BJd3A5ZGFnYXUxVmlzMldHc0NQZWgtZzFEMU5ob2o2NVlpamI2S09MSGVHbGpURzN1dXk1YWpSWVA2WEZxXzhOMk1kOEcmY29tcG9uZW50cz1tZXNzYWdlcyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2V6cm9naWlzeW9tcXVmbm1rcmR6amlxa3FsZmh4ZSJ9fQ&env=production&version=1.26.2&deviceID=uid_14ecfa46bd_mtu6ndg6ntu&sessionID=uid_622a9b1c73_mtu6ndg6ntu&scriptUID=uid_ezrogiisyomqufnmkrdzjiqkqlfhxe&features=no-common
Frame ID: 1B56A03D34EE453A51F4DEA949B77017
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Glücksmariechen

Page URL History Show full URLs

https://www.gluecksmariechen.jupiter.martiniwerbeagentur.de/ HTTP 301
https://www.gluecksmariechen.de/ Page URL

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Cart
<a[^>]*href=[^>]*/Checkout

Shopware (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

(?:(shopware)|/web/cache/[0-9]{10}_.+)\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Stimulus (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-controller

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

57
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

2728 kB
Transfer

4267 kB
Size

15
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/gluecksmariechen.de

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gluecksmariechen_shop

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.gluecksmariechen.jupiter.martiniwerbeagentur.de/ HTTP 301
https://www.gluecksmariechen.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.gluecksmariechen.de/
Redirect Chain

https://www.gluecksmariechen.jupiter.martiniwerbeagentur.de/
https://www.gluecksmariechen.de/

47 KB
10 KB

131ms
36ms

Document
text/html

83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 / PHP/7.3.8

Resource Hash

d0f069f675baee25e0dd12590350561f9ed23a605712acb19699ea74f36e7dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.gluecksmariechen.de
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 21 Sep 2021 15:48:54 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-powered-by: PHP/7.3.8
link: </web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.css>; rel="preload"; as="style",</web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.js>; rel="preload"; as="script"
x-content-digest: en1012a3aa1087d9e070f952cd9fdf452ac382118f9202e3cb764b259445455a38
age: 2621
cache-control: no-cache, private max-age=0,private,no-store,no-cache,must-revalidate
set-cookie: x-cache-context-hash=deleted; expires=Tue, 21-Sep-2021 15:48:54 GMT; Max-Age=0; path=/; httponly nocache=deleted; expires=Tue, 21-Sep-2021 15:48:54 GMT; Max-Age=0; path=/; httponly
strict-transport-security: max-age=15768000
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
push-policy: default

Redirect headers

date: Tue, 21 Sep 2021 15:48:53 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-powered-by: PHP/7.3.8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, no-cache, private max-age=0,private,no-store,no-cache,must-revalidate
pragma: no-cache
set-cookie: session-1=fc738e4dd1256b8375367b488ab28ed0222d814c9f2a61c640afbaf206c21d6d; path=/; secure; HttpOnly session-1=deleted; expires=Mon, 21-Sep-2020 15:48:53 GMT; Max-Age=0; path=/; httponly
strict-transport-security: max-age=15768000
location: https://www.gluecksmariechen.de/
vary: User-Agent
x-frame-options: SAMEORIGIN
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 1606303110_05c09bcbc3461fa57020ceb360913366.css
www.gluecksmariechen.de/web/cache/ 410 KB
54 KB 49ms
0ms Stylesheet
text/css 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gluecksmariechen.de/web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

3453d26ffe7d7406d0e38dfd36c6022ff5d7221a52768cf2becf8b0b7f58e6e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:54 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
last-modified: Wed, 25 Nov 2020 11:18:30 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 55209
expires: Wed, 21 Sep 2022 15:48:54 GMT

GET
H2 200 1606303110_05c09bcbc3461fa57020ceb360913366.js Show response
www.gluecksmariechen.de/web/cache/ 482 KB
122 KB 12ms
0ms Script
application/javascript 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gluecksmariechen.de/web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

cde9a667dd95875494c33268884bc124b6e8baa1b5f2c909049274167f789e33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:54 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
last-modified: Wed, 25 Nov 2020 11:18:27 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
expires: Wed, 21 Sep 2022 15:48:54 GMT

GET
H2 200 fb.js Show response
www.gluecksmariechen.de/themes/Frontend/Gluecksmariechen/frontend/_public/src/js/ 442 B
446 B 62ms
62ms Script
application/javascript 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gluecksmariechen.de/themes/Frontend/Gluecksmariechen/frontend/_public/src/js/fb.js

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

c3093da26423f3aa6062d4a41620ccc264c18a6321f7b01a37d00803a22498f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /themes/Frontend/Gluecksmariechen/frontend/_public/src/js/fb.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:54 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
last-modified: Wed, 12 Jun 2019 08:40:16 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 331
expires: Thu, 21 Oct 2021 15:48:54 GMT

GET
H2 200 Gluecksmariechen_Kdg.png
www.gluecksmariechen.de/media/image/98/92/2c/ 21 KB
21 KB 28ms
27ms Image
image/png 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/media/image/98/92/2c/Gluecksmariechen_Kdg.png

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

7f60d88f170b8a88f2183a574e0ba0936bf3fa29c86449ab63d8a0170f6235a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /media/image/98/92/2c/Gluecksmariechen_Kdg.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:54 GMT
last-modified: Wed, 08 Jul 2020 09:06:55 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 21476
expires: Thu, 21 Oct 2021 15:48:54 GMT

GET
H2 200 heart.png
www.gluecksmariechen.de/themes/Frontend/Gluecksmariechen/frontend/_public/src/img/icons/ 2 KB
2 KB 29ms
29ms Image
image/png 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/themes/Frontend/Gluecksmariechen/frontend/_public/src/img/icons/heart.png

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

d6c6a3662e71a3f575cadaf3bc45bbe43ad40cf811a75ab8166344a428142b04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /themes/Frontend/Gluecksmariechen/frontend/_public/src/img/icons/heart.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:54 GMT
last-modified: Mon, 01 Oct 2018 15:10:03 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 1572
expires: Thu, 21 Oct 2021 15:48:54 GMT

GET
H2 200 account.png
www.gluecksmariechen.de/themes/Frontend/Gluecksmariechen/frontend/_public/src/img/icons/ 2 KB
2 KB 29ms
28ms Image
image/png 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/themes/Frontend/Gluecksmariechen/frontend/_public/src/img/icons/account.png

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

412f00fa49db989c5bd341f19b9e579ed81d553276b8568bcd6587dbaa00019b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /themes/Frontend/Gluecksmariechen/frontend/_public/src/img/icons/account.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:54 GMT
last-modified: Mon, 01 Oct 2018 15:07:44 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 1776
expires: Thu, 21 Oct 2021 15:48:54 GMT

GET
H2 200 cart.png
www.gluecksmariechen.de/themes/Frontend/Gluecksmariechen/frontend/_public/src/img/icons/ 2 KB
2 KB 28ms
28ms Image
image/png 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/themes/Frontend/Gluecksmariechen/frontend/_public/src/img/icons/cart.png

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

5a5904c9ed184c4c7f508649949b84002ebf0e1c9c6dee75acaa45784fb4d3cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /themes/Frontend/Gluecksmariechen/frontend/_public/src/img/icons/cart.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:54 GMT
last-modified: Mon, 01 Oct 2018 14:53:32 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 1949
expires: Thu, 21 Oct 2021 15:48:54 GMT

GET
H2 200 facebook.jpg
www.gluecksmariechen.de/themes/Frontend/Gluecksmariechen/frontend/_public/src/img/icons/ 75 KB
76 KB 28ms
28ms Image
image/jpeg 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/themes/Frontend/Gluecksmariechen/frontend/_public/src/img/icons/facebook.jpg

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

48adf2f49a920e0ba5c4c6e724ba6da441df3c821a4efe17ca88472adde6b55b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /themes/Frontend/Gluecksmariechen/frontend/_public/src/img/icons/facebook.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:54 GMT
last-modified: Thu, 08 Nov 2018 15:12:21 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 76796
expires: Thu, 21 Oct 2021 15:48:54 GMT

GET
H2 200 instagram.jpg
www.gluecksmariechen.de/themes/Frontend/Gluecksmariechen/frontend/_public/src/img/icons/ 89 KB
90 KB 29ms
28ms Image
image/jpeg 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/themes/Frontend/Gluecksmariechen/frontend/_public/src/img/icons/instagram.jpg

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

23e7a74710172e44ffeb97e3fc6fdea9ea9000c5e374171c2cbe46840735413a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /themes/Frontend/Gluecksmariechen/frontend/_public/src/img/icons/instagram.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:54 GMT
last-modified: Thu, 08 Nov 2018 15:12:21 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 91061
expires: Thu, 21 Oct 2021 15:48:54 GMT

GET
H2 200 9da0eaef-240d-42ca-a29b-2f07fe5eb785.js Show response
fast.fonts.net/jsapi/ 7 KB
3 KB 74ms
39ms Script
text/plain 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/jsapi/9da0eaef-240d-42ca-a29b-2f07fe5eb785.js
Requested by: Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b10d6e34143eb353e7c684e880a07261c98b733312cdbcfae3f5673e4925308

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4
x-amz-request-id: CA20CVN9PP46YG1J
x-amz-id-2: nG55biWCeh6u/Ba+PoFX6dNYElQFnhzQQWBcJREF65+mMnuwyMbIZR8pQNNV9P3nj0k7Abn4TgA=
last-modified: Sat, 02 Jan 2021 03:37:27 GMT
server: cloudflare
etag: W/"139a1cd4433cf58256b4ba42ba9b1416"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
expires: Tue, 21 Sep 2021 19:48:55 GMT
cache-control: public, max-age=14400
cf-ray: 692470c39a1f2bdd-FRA
x-amz-meta-mtime: 1554205328

GET
H2 200 js Show response
www.paypal.com/sdk/ 237 KB
71 KB 84ms
9ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=Ac5rNCVocwpIwp9dagau1Vis2WGsCPeh-g1D1Nhoj65Yijb6KOLHeGljTG3uuy5ajRYP6XFq_8N2Md8G&components=messages

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1f3ed7c803cd47a3c52952c4b3a59a020d75c9ecb2b4b6f0f9083e87ed8e60d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-9Nh6pXeTOdA26ICfdBDWUPzcVXIp11nJEo8HtW+sKBBcKuEA' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-9Nh6pXeTOdA26ICfdBDWUPzcVXIp11nJEo8HtW+sKBBcKuEA' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-9Nh6pXeTOdA26ICfdBDWUPzcVXIp11nJEo8HtW+sKBBcKuEA' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-9Nh6pXeTOdA26ICfdBDWUPzcVXIp11nJEo8HtW+sKBBcKuEA' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 3
via: 1.1 varnish
x-cache: HIT
p3p: true
paypal-debug-id: f3941071c28f7
dc: phx-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 71312
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4033-HHN
x-timer: S1632239335.011701,VS0,VE2
x-frame-options: SAMEORIGIN
date: Tue, 21 Sep 2021 15:48:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 21 Sep 2021 16:48:51 GMT
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"11690-LJjtQvvm88yEVhnKnds0aVlJTck"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 31ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/themes/Frontend/Gluecksmariechen/frontend/_public/src/js/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: D1GfFt/J7b/T71ZCBIjGk+qLIpUtdas3wjt2ofUxxgkhQA8zCgjxijXEXfJcBePbmgNjDbhfIuxYfG/j4c54cw==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Tue, 21 Sep 2021 15:48:54 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bird.png
www.gluecksmariechen.de/themes/Frontend/Gluecksmariechen/frontend/_public/src/img/ 15 KB
15 KB 26ms
25ms Image
image/png 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/themes/Frontend/Gluecksmariechen/frontend/_public/src/img/bird.png

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

9075938714c1f1e857481737c35db2f4e647728924b359e59ab3212cf9601c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /themes/Frontend/Gluecksmariechen/frontend/_public/src/img/bird.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:54 GMT
last-modified: Fri, 19 Oct 2018 13:59:45 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 15516
expires: Thu, 21 Oct 2021 15:48:54 GMT

GET
H2 200 selection.png
www.gluecksmariechen.de/themes/Frontend/Gluecksmariechen/frontend/_public/src/img/ 5 KB
5 KB 26ms
26ms Image
image/png 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/themes/Frontend/Gluecksmariechen/frontend/_public/src/img/selection.png

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

cae8d1695fda2685a4f1386db6153d5d41093d3fcfaa3eac62a8c5f6290def33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /themes/Frontend/Gluecksmariechen/frontend/_public/src/img/selection.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:54 GMT
last-modified: Fri, 19 Oct 2018 14:02:34 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 5228
expires: Thu, 21 Oct 2021 15:48:54 GMT

GET
H2 200 h_pattern.png
www.gluecksmariechen.de/themes/Frontend/Gluecksmariechen/frontend/_public/src/img/ 865 B
922 B 22ms
22ms Image
image/png 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/themes/Frontend/Gluecksmariechen/frontend/_public/src/img/h_pattern.png

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

aa49bd91c1b89e0ddb37ebbeb7e266a73ec6d0493c82a3a84c8fbb3fb5b01df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /themes/Frontend/Gluecksmariechen/frontend/_public/src/img/h_pattern.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:54 GMT
last-modified: Fri, 19 Oct 2018 13:39:39 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 865
expires: Thu, 21 Oct 2021 15:48:54 GMT

GET
H2 200 shopware.woff2
www.gluecksmariechen.de/themes/Frontend/Responsive/frontend/_public/src/fonts/ 24 KB
24 KB 41ms
40ms Font
application/octet-stream 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gluecksmariechen.de/themes/Frontend/Responsive/frontend/_public/src/fonts/shopware.woff2?

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

386aa8da6da7a2e344e4011774a68ca0d7aa86366b650d7a9ccf04a86f8d87b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /themes/Frontend/Responsive/frontend/_public/src/fonts/shopware.woff2?
pragma: no-cache
origin: https://www.gluecksmariechen.de
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gluecksmariechen.de/web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.css
Origin: https://www.gluecksmariechen.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:54 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
last-modified: Wed, 26 Feb 2020 08:50:12 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
cache-control: max-age=2592000, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 24136
expires: Thu, 21 Oct 2021 15:48:54 GMT

GET
H2 200 OpenSans-Regular.woff2
www.gluecksmariechen.de/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Regular/ 41 KB
41 KB 43ms
43ms Font
application/octet-stream 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gluecksmariechen.de/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Regular/OpenSans-Regular.woff2?201912171122

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

2da97418251121ad5b28c6e206316578aae360d47dea2262c90478536624d910

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Regular/OpenSans-Regular.woff2?201912171122
pragma: no-cache
origin: https://www.gluecksmariechen.de
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gluecksmariechen.de/web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.css
Origin: https://www.gluecksmariechen.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:54 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
last-modified: Wed, 26 Feb 2020 08:50:12 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 41712
expires: Wed, 21 Sep 2022 15:48:54 GMT

GET
H2 200 OpenSans-Bold.woff2
www.gluecksmariechen.de/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Bold/ 43 KB
43 KB 41ms
41ms Font
application/octet-stream 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gluecksmariechen.de/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Bold/OpenSans-Bold.woff2?201912171122

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

3f2a2f05feb9ed38c8889ede47bd28f36014c40b5aa1573b1f1d9302eb18ed5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Bold/OpenSans-Bold.woff2?201912171122
pragma: no-cache
origin: https://www.gluecksmariechen.de
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gluecksmariechen.de/web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.css
Origin: https://www.gluecksmariechen.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:54 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
last-modified: Wed, 26 Feb 2020 08:50:12 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 43552
expires: Wed, 21 Sep 2022 15:48:54 GMT

GET
H2 200 516234835578825 Show response
connect.facebook.net/signals/config/ 305 KB
88 KB 59ms
59ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/516234835578825?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1da9e1261f314654e82eaec9814332428d806317e14d23d57dcb35c1329c6a27

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: nPIQQ77K0+hABB0SiunpsBVgaWTVQCTDMrW/Fxl96uuJGcc6CObJK5nqg+dbeABeXk9dssMn05GLaOsTiwFT+Q==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 21 Sep 2021 15:48:55 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 mt.js Show response
fast.fonts.net/jsapi/core/ 25 KB
9 KB 19ms
18ms Script
text/plain 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/jsapi/core/mt.js
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/jsapi/9da0eaef-240d-42ca-a29b-2f07fe5eb785.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52f7bff0ccdd80dc36d123955c81195ea7173af8eb7c5be8a863e8e0ecfd5954

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5715
x-amz-request-id: DSCMVTF6VK66ZWWD
x-amz-id-2: /g829AZage5Y/vDlRkTszAIZFnO47hlWDhGUvr1QPcPc6R1RwxocZA1fDobq9MOVUBmeQDWOLA8=
last-modified: Sat, 02 Jan 2021 08:52:38 GMT
server: cloudflare
etag: W/"d22b9d8d3cfe3e19b65a2e09ca164ce7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
expires: Tue, 21 Sep 2021 19:48:55 GMT
cache-control: public, max-age=14400
cf-ray: 692470c3ea7e2bdd-FRA
x-amz-meta-mtime: 1556088859

GET
H2 200 matomo.js Show response
analytics.jupiter.martiniwerbeagentur.de/ 67 KB
23 KB 129ms
33ms Script
application/javascript 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.jupiter.martiniwerbeagentur.de/matomo.js

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

9819ba7dda127bfc9dd442cdecd7852d37e4144e051841ebac48b1095cb5f5eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
content-encoding: gzip
last-modified: Wed, 22 Jan 2020 09:31:45 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000,private,no-transform
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 23359

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 10ms
9ms Script
application/x-javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.gluecksmariechen.de&t=xo&v=5.0.257&source=payments_sdk&client_id=Ac5rNCVocwpIwp9dagau1Vis2WGsCPeh-g1D1Nhoj65Yijb6KOLHeGljTG3uuy5ajRYP6XFq_8N2Md8G&comp=messages&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Ac5rNCVocwpIwp9dagau1Vis2WGsCPeh-g1D1Nhoj65Yijb6KOLHeGljTG3uuy5ajRYP6XFq_8N2Md8G&components=messages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

442035f71c10d96bf7fa6efe89aca7705495cfc40909bb70ad22fc4a9c091781

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-XHfoQWNiXT+lvJwPGXgjpWZiMpeZ4sz8kkXw/+HdylUg7uk7' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-XHfoQWNiXT+lvJwPGXgjpWZiMpeZ4sz8kkXw/+HdylUg7uk7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 3
x-cache: HIT
paypal-debug-id: f370069f21025
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4321
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4033-HHN
x-timer: S1632239335.063004,VS0,VE2
x-frame-options: SAMEORIGIN
date: Tue, 21 Sep 2021 15:48:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish
cache-control: public, max-age=3600
etag: W/"2ef4-3xgck+FFolYd+Y4aULz7wuzevMY"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 refreshStatistic Show response
www.gluecksmariechen.de/widgets/index/ Frame 56DE 0
434 B 230ms
230ms Document
text/html 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gluecksmariechen.de/widgets/index/refreshStatistic?requestPage=%2F&requestController=index

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 / PHP/7.3.8

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.gluecksmariechen.de
:scheme: https
:path: /widgets/index/refreshStatistic?requestPage=%2F&requestController=index
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gluecksmariechen.de/
accept-encoding: gzip, deflate, br
cookie: x-ua-device=desktop
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-powered-by: PHP/7.3.8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, private max-age=0,private,no-store,no-cache,must-revalidate
pragma: no-cache
x-robots-tag: noindex
x-body-eval: ESI
set-cookie: session-1=e8a5b3e69ef04df0c351368ee07fa7876f473536723f4d388b0688a6d925cc2f; path=/; secure; HttpOnly x-cache-context-hash=deleted; expires=Mon, 21-Sep-2020 15:48:54 GMT; Max-Age=0; path=/; httponly nocache=deleted; expires=Mon, 21-Sep-2020 15:48:54 GMT; Max-Age=0; path=/; httponly
strict-transport-security: max-age=15768000
vary: User-Agent
x-frame-options: SAMEORIGIN
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 1.css
fast.fonts.net/t/ 0
237 B 22ms
22ms Stylesheet
text/css 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/t/1.css?apiType=js&projectid=9da0eaef-240d-42ca-a29b-2f07fe5eb785
Requested by: Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
cf-cache-status: HIT
age: 472149
cf-ray: 692470c48bb62bdd-FRA
content-length: 0
x-amz-id-2: zVEs0XksmO2d00EILbagEAXirFSItuf8PUgT9bn+/Qvy4r/xZd9OT9xzZJ8iUkWkTMMp2otg+pI=
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 92J3TW4PW74TH33V
cache-control: public, max-age=0, s-maxage=604800
accept-ranges: bytes
content-type: text/css; charset=utf-8
x-amz-meta-mtime: 1519217722

GET
H2 200 ts
t.paypal.com/ 42 B
698 B 260ms
178ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Gl%C3%BCcksmariechen&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1632239335126&g=0&completeurl=https%3A%2F%2Fwww.gluecksmariechen.de%2F&ru=https%3A%2F%2Fwww.gluecksmariechen.de%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by: Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 15:48:55 GMT
via: 1.1 varnish
x-timer: S1632239335.212458,VS0,VE171
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 5278054bd006c
expires: Tue, 21 Sep 2021 15:48:55 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-cache-hits: 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn4068-HHN

GET
H2 200 1e914289-cf33-4e2f-ad1a-2c4dcfe0106f.woff2
fast.fonts.net/dv2/14/ 114 KB
114 KB 59ms
40ms Font
application/octet-stream 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/dv2/14/1e914289-cf33-4e2f-ad1a-2c4dcfe0106f.woff2?d44f19a684109620e484157aa790e81873dc51ad974425e651f9d4e5e2beef410bca815abc498b6a0b15191918d41312fc13106f1c055c45fa1a78447a618e6f4fb5b07c1cf0e31b5576943bd7db0dab1ec6cac783d464ff10246b44b1d90e9b58fd1d6675e56ec6237298b2c8e7251f143c362ab2a8d52edc0cd677c29283a971a1&projectId=9da0eaef-240d-42ca-a29b-2f07fe5eb785
Requested by: Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09aa77a2bf27c56ca75bc8e43f2fd38fa75fcd13742ceadbed7eef67e3a2e707

Request headers

Referer: https://www.gluecksmariechen.de/
Origin: https://www.gluecksmariechen.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
cf-cache-status: HIT
age: 3
content-length: 116304
x-amz-request-id: 17PJG3V08FPB7KQH
x-amz-id-2: TuhXwKREnLRBB4YN4uStR/+R7sJ3aSFxHNbVlLoKpfPvu6Y1b7F8Lv3xLFFnjnNMZWofGW5GRXk=
expires: Tue, 21 Sep 2021 19:48:55 GMT
last-modified: Fri, 30 Oct 2020 02:16:35 GMT
server: cloudflare
etag: "4109dba7709d26fc91fe3b445b35e071"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 692470c4b9474ec8-FRA
x-amz-meta-mtime: 1463754017

GET
H2 200 74937e9b-b394-42e1-b1ff-fec76fa92b24.woff2
fast.fonts.net/dv2/14/ 77 KB
77 KB 45ms
26ms Font
application/octet-stream 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/dv2/14/74937e9b-b394-42e1-b1ff-fec76fa92b24.woff2?d44f19a684109620e484157aa790e81873dc51ad974425e651f9d4e5e2beef410bca815abc498b6a0b15191918d41312fc13106f1c055c45fa1a78447a618e6f4fb5b07c1cf0e31b5576943bd7db0dab1ec6cac783d464ff10246b44b1d90e9b58fd1d6675e56ec6237298b2c8e7251f143c362ab2a8d52edc0cd677c29283a971a1&projectId=9da0eaef-240d-42ca-a29b-2f07fe5eb785
Requested by: Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56c6c8b9cec0434f52f196f22d6fe317022f04b7a79b059e2a17f72464a15b7c

Request headers

Referer: https://www.gluecksmariechen.de/
Origin: https://www.gluecksmariechen.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
cf-cache-status: HIT
age: 3
content-length: 78340
x-amz-request-id: ES1K36A7NGCZD43K
x-amz-id-2: B159QhPVsflDNCLJp84K2Q3cD1RtmoGeWXjNehrlJ2EgHa8r5jnrPdQPSxZji41EPu3oTxIOZtA=
expires: Tue, 21 Sep 2021 19:48:55 GMT
last-modified: Sat, 14 Nov 2020 00:06:07 GMT
server: cloudflare
etag: "7717326ab3de6850610ea9be67e3fc0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 692470c4b94a4ec8-FRA
x-amz-meta-mtime: 1465191951

GET
H2 200 csrftoken Show response
www.gluecksmariechen.de/ 0
325 B 201ms
201ms XHR
text/html 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gluecksmariechen.de/csrftoken

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 / PHP/7.3.8

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: x-ua-device=desktop
:path: /csrftoken
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.gluecksmariechen.de/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 15:48:55 GMT
x-csrf-token: WF6YrgxCRDR4BLUYYn38QKaUw3sUQk
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.3.8
vary: User-Agent
content-type: text/html; charset=UTF-8
set-cookie: session-1=76cafc6ad60377048b04a313108ab702faa954789162a8770ddbd63ef3dd43e5; path=/; secure; HttpOnly x-cache-context-hash=deleted; expires=Mon, 21-Sep-2020 15:48:54 GMT; Max-Age=0; path=/; httponly nocache=deleted; expires=Mon, 21-Sep-2020 15:48:54 GMT; Max-Age=0; path=/; httponly
cache-control: no-store, no-cache, must-revalidate, no-cache, private max-age=0,private,no-store,no-cache,must-revalidate
strict-transport-security: max-age=15768000
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 index Show response
www.gluecksmariechen.de/widgets/emotion/index/emotionId/1/secret//controllerName/ 33 KB
4 KB 55ms
54ms XHR
text/html 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gluecksmariechen.de/widgets/emotion/index/emotionId/1/secret//controllerName/index

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/web/cache/1606303110_05c09bcbc3461fa57020ceb360913366.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 / PHP/7.3.8

Resource Hash

9cbd121594910dd0df82e0a0f487dd4ab205d63fa812709390bc2c5b59944b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: x-ua-device=desktop
:path: /widgets/emotion/index/emotionId/1/secret//controllerName/index
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.gluecksmariechen.de/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
content-encoding: gzip
x-content-digest: en342b10aa774f2e291a61bbabd78b74ed920408bd1f8ef06c8709a1271211476f
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
age: 10725
x-powered-by: PHP/7.3.8
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
set-cookie: x-cache-context-hash=deleted; expires=Tue, 21-Sep-2021 15:48:55 GMT; Max-Age=0; path=/; httponly nocache=deleted; expires=Tue, 21-Sep-2021 15:48:55 GMT; Max-Age=0; path=/; httponly
cache-control: no-cache, private max-age=0,private,no-store,no-cache,must-revalidate
strict-transport-security: max-age=15768000
vary: Accept-Encoding,User-Agent

GET
H2 200 message Show response
www.paypal.com/credit-presentment/smart/ Frame 1B56 58 KB
25 KB 1347ms
1347ms Document
text/html 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/smart/message?currency=EUR&amount=0&style=%7B%22layout%22%3A%22flex%22%2C%22color%22%3A%22blue%22%2C%22ratio%22%3A%221x1%22%2C%22logo%22%3A%7B%22type%22%3A%22primary%22%7D%2C%22text%22%3A%7B%22color%22%3A%22black%22%7D%7D&client_id=Ac5rNCVocwpIwp9dagau1Vis2WGsCPeh-g1D1Nhoj65Yijb6KOLHeGljTG3uuy5ajRYP6XFq_8N2Md8G&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWM1ck5DVm9jd3BJd3A5ZGFnYXUxVmlzMldHc0NQZWgtZzFEMU5ob2o2NVlpamI2S09MSGVHbGpURzN1dXk1YWpSWVA2WEZxXzhOMk1kOEcmY29tcG9uZW50cz1tZXNzYWdlcyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2V6cm9naWlzeW9tcXVmbm1rcmR6amlxa3FsZmh4ZSJ9fQ&env=production&version=1.26.2&deviceID=uid_14ecfa46bd_mtu6ndg6ntu&sessionID=uid_622a9b1c73_mtu6ndg6ntu&scriptUID=uid_ezrogiisyomqufnmkrdzjiqkqlfhxe&features=no-common

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Ac5rNCVocwpIwp9dagau1Vis2WGsCPeh-g1D1Nhoj65Yijb6KOLHeGljTG3uuy5ajRYP6XFq_8N2Md8G&components=messages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d0b759fb5dba2cf85a2a7ece135b95b8171da64e1bf79b99d92956c853a6527e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-bpWjtyvIkgIi9b3kgiBJslmi9jBvDrKPqWP0ci7cYiDTrl+m' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.paypal.com
:scheme: https
:path: /credit-presentment/smart/message?currency=EUR&amount=0&style=%7B%22layout%22%3A%22flex%22%2C%22color%22%3A%22blue%22%2C%22ratio%22%3A%221x1%22%2C%22logo%22%3A%7B%22type%22%3A%22primary%22%7D%2C%22text%22%3A%7B%22color%22%3A%22black%22%7D%7D&client_id=Ac5rNCVocwpIwp9dagau1Vis2WGsCPeh-g1D1Nhoj65Yijb6KOLHeGljTG3uuy5ajRYP6XFq_8N2Md8G&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWM1ck5DVm9jd3BJd3A5ZGFnYXUxVmlzMldHc0NQZWgtZzFEMU5ob2o2NVlpamI2S09MSGVHbGpURzN1dXk1YWpSWVA2WEZxXzhOMk1kOEcmY29tcG9uZW50cz1tZXNzYWdlcyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2V6cm9naWlzeW9tcXVmbm1rcmR6amlxa3FsZmh4ZSJ9fQ&env=production&version=1.26.2&deviceID=uid_14ecfa46bd_mtu6ndg6ntu&sessionID=uid_622a9b1c73_mtu6ndg6ntu&scriptUID=uid_ezrogiisyomqufnmkrdzjiqkqlfhxe&features=no-common
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gluecksmariechen.de/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-bpWjtyvIkgIi9b3kgiBJslmi9jBvDrKPqWP0ci7cYiDTrl+m' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
etag: W/"e953-lzuM5J48Skn/aqlt8llizeGHWAM"
paypal-debug-id: f834016d4a8d3
set-cookie: LANG=de_DE%3BDE; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Wed, 22 Sep 2021 00:34:52 GMT; HttpOnly; Secure; SameSite=None x-pp-s=eyJ0IjoiMTYzMjIzOTMzNjQxOCIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None tsrce=crcpresentmentnodeweb; Domain=.paypal.com; Path=/; Expires=Fri, 24 Sep 2021 15:48:56 GMT; HttpOnly; Secure; SameSite=None nsid=s%3Ay3VgG_NQvqxTCdukbJpbv8Cuf3XEe2uo.T1bmIHmrA0l4MteYrC4wXDhIkTZUpi%2FMginSFELB4nU; Path=/; HttpOnly; Secure; SameSite=None l7_az=dcg15.slc; Path=/; Domain=paypal.com; Expires=Tue, 21 Sep 2021 16:18:56 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1726933735%26vteXpYrS%3D1632241135%26vr%3D090bb75b17c0ad0058664002ff5be9ef%26vt%3D090bb75b17c0ad0058664002ff5be9ee%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 20 Sep 2024 15:48:56 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D090bb75b17c0ad0058664002ff5be9ef%26vt%3D090bb75b17c0ad0058664002ff5be9ee; Path=/; Domain=paypal.com; Expires=Fri, 20 Sep 2024 15:48:56 GMT; Secure; SameSite=None x-cdn=0003; Domain=paypal.com; Path=/; Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
date: Tue, 21 Sep 2021 15:48:56 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4033-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1632239335.181085,VS0,VE1320
vary: Accept-Encoding
content-encoding: br

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 25ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=516234835578825&ev=PageView&dl=https%3A%2F%2Fwww.gluecksmariechen.de%2F&rl=&if=false&ts=1632239335188&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1632239335187.2030148518&it=1632239335010&coo=false&rqm=GET

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 21 Sep 2021 15:48:55 GMT

GET
H2 200 banner_glu21_1280x1280.jpg
www.gluecksmariechen.de/media/image/6e/01/e4/ 191 KB
192 KB 36ms
33ms Image
image/jpeg 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/media/image/6e/01/e4/banner_glu21_1280x1280.jpg

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

440d966c11f5a4e93b9360171a9c41c6182cb9392688ea9a327cae1e2eda98de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /media/image/6e/01/e4/banner_glu21_1280x1280.jpg
pragma: no-cache
cookie: x-ua-device=desktop; _fbp=fb.1.1632239335187.2030148518
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
last-modified: Sat, 04 Sep 2021 05:58:08 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 195585
expires: Thu, 21 Oct 2021 15:48:55 GMT

GET
H2 200 maileg_21_1280x1280.jpg
www.gluecksmariechen.de/media/image/10/52/36/ 135 KB
136 KB 57ms
54ms Image
image/jpeg 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/media/image/10/52/36/maileg_21_1280x1280.jpg

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

5624a038e05670936a4bb21b24da96b0e118f3d1051a54ccc13eaa60224f837c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /media/image/10/52/36/maileg_21_1280x1280.jpg
pragma: no-cache
cookie: x-ua-device=desktop; _fbp=fb.1.1632239335187.2030148518
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
last-modified: Sat, 04 Sep 2021 05:57:56 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 138672
expires: Thu, 21 Oct 2021 15:48:55 GMT

GET
H2 200 gl-ucksmTuPmEJtswu3M8_800x800.jpg
www.gluecksmariechen.de/media/image/5f/9f/4f/ 77 KB
77 KB 36ms
33ms Image
image/jpeg 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/media/image/5f/9f/4f/gl-ucksmTuPmEJtswu3M8_800x800.jpg

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

60f4ed80d5c6b8c962b0168726e0dbf4afc24eb41875745d893452fbab2a5874

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /media/image/5f/9f/4f/gl-ucksmTuPmEJtswu3M8_800x800.jpg
pragma: no-cache
cookie: x-ua-device=desktop; _fbp=fb.1.1632239335187.2030148518
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
last-modified: Tue, 12 Mar 2019 17:02:31 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 78841
expires: Thu, 21 Oct 2021 15:48:55 GMT

GET
H2 200 mps_800x800.jpg
www.gluecksmariechen.de/media/image/b7/dd/dd/ 156 KB
157 KB 35ms
32ms Image
image/jpeg 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/media/image/b7/dd/dd/mps_800x800.jpg

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

43095622c4eab8bbf928b906f6ba388ad5f4ba44e2c69bf38b79a1abf3f38b35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /media/image/b7/dd/dd/mps_800x800.jpg
pragma: no-cache
cookie: x-ua-device=desktop; _fbp=fb.1.1632239335187.2030148518
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
last-modified: Tue, 12 Mar 2019 16:23:31 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 159261
expires: Thu, 21 Oct 2021 15:48:55 GMT

GET
H2 200 uheft_800x800.jpg
www.gluecksmariechen.de/media/image/99/46/66/ 141 KB
142 KB 36ms
33ms Image
image/jpeg 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/media/image/99/46/66/uheft_800x800.jpg

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

48af400eb56bb6ee768061120a44e3eaf210c2fdf85917d2d3d52668e61a71d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /media/image/99/46/66/uheft_800x800.jpg
pragma: no-cache
cookie: x-ua-device=desktop; _fbp=fb.1.1632239335187.2030148518
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
last-modified: Tue, 12 Mar 2019 16:08:21 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 144484
expires: Thu, 21 Oct 2021 15:48:55 GMT

GET
H2 200 portv7ArIrQa5UZUo_800x800.jpg
www.gluecksmariechen.de/media/image/0b/c0/0e/ 143 KB
143 KB 27ms
26ms Image
image/jpeg 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/media/image/0b/c0/0e/portv7ArIrQa5UZUo_800x800.jpg

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

5704afe339f3fc25f928e823892c9d94cfa82a525bd9713c8b82a3eb065b7826

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /media/image/0b/c0/0e/portv7ArIrQa5UZUo_800x800.jpg
pragma: no-cache
cookie: x-ua-device=desktop; _fbp=fb.1.1632239335187.2030148518
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
last-modified: Tue, 12 Mar 2019 17:04:29 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 146054
expires: Thu, 21 Oct 2021 15:48:55 GMT

GET
H2 200 newcomer.png
www.gluecksmariechen.de/themes/Frontend/Gluecksmariechen/frontend/_public/src/img/icons/ 13 KB
13 KB 44ms
43ms Image
image/png 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/themes/Frontend/Gluecksmariechen/frontend/_public/src/img/icons/newcomer.png

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

85c3543244d4929f7000ee89e8b158d7d2c2a3ee331daf71017ebc6173787bf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /themes/Frontend/Gluecksmariechen/frontend/_public/src/img/icons/newcomer.png
pragma: no-cache
cookie: x-ua-device=desktop; _fbp=fb.1.1632239335187.2030148518
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
last-modified: Mon, 08 Oct 2018 13:09:55 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 13690
expires: Thu, 21 Oct 2021 15:48:55 GMT

GET
H2 200 Reserviert_1_600x600.jpg
www.gluecksmariechen.de/media/image/ed/5f/1f/ 70 KB
70 KB 34ms
33ms Image
image/jpeg 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/media/image/ed/5f/1f/Reserviert_1_600x600.jpg

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

0208db1143277f1f2da3ca9c1e7199a4271d76aa19bb9911cf46b1c479eac920

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /media/image/ed/5f/1f/Reserviert_1_600x600.jpg
pragma: no-cache
cookie: x-ua-device=desktop; _fbp=fb.1.1632239335187.2030148518
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
last-modified: Wed, 22 Jul 2020 17:44:12 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 71598
expires: Thu, 21 Oct 2021 15:48:55 GMT

GET
H2 200 4774b_600x600.jpg
www.gluecksmariechen.de/media/image/b4/c3/df/ 138 KB
138 KB 44ms
43ms Image
image/jpeg 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/media/image/b4/c3/df/4774b_600x600.jpg

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

ab74b9a7d254ce50f5ada551b0f162cec81d913c5f9aee62382a82373b1f4813

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /media/image/b4/c3/df/4774b_600x600.jpg
pragma: no-cache
cookie: x-ua-device=desktop; _fbp=fb.1.1632239335187.2030148518
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
last-modified: Tue, 31 Aug 2021 07:15:24 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 140964
expires: Thu, 21 Oct 2021 15:48:55 GMT

GET
H2 200 2553_600x600.jpg
www.gluecksmariechen.de/media/image/3c/66/7c/ 70 KB
70 KB 45ms
44ms Image
image/jpeg 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/media/image/3c/66/7c/2553_600x600.jpg

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

5f979d38db9d96ed25071981a9c1fa9e7b79620cb9671ff35a2a4c5de3bf8e1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /media/image/3c/66/7c/2553_600x600.jpg
pragma: no-cache
cookie: x-ua-device=desktop; _fbp=fb.1.1632239335187.2030148518
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
last-modified: Thu, 02 Sep 2021 07:00:54 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 71728
expires: Thu, 21 Oct 2021 15:48:55 GMT

GET
H2 200 5994e_600x600.jpg
www.gluecksmariechen.de/media/image/2a/89/95/ 82 KB
82 KB 34ms
32ms Image
image/jpeg 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/media/image/2a/89/95/5994e_600x600.jpg

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

ecc9487d5831c66cefcd54fd0b5b881f8c0b7973a52d00c47e90af35d4a55225

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /media/image/2a/89/95/5994e_600x600.jpg
pragma: no-cache
cookie: x-ua-device=desktop; _fbp=fb.1.1632239335187.2030148518
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
last-modified: Fri, 03 Sep 2021 15:17:02 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 83629
expires: Thu, 21 Oct 2021 15:48:55 GMT

GET
H2 200 8872b_600x600.jpg
www.gluecksmariechen.de/media/image/37/7a/20/ 86 KB
86 KB 45ms
43ms Image
image/jpeg 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/media/image/37/7a/20/8872b_600x600.jpg

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

e41b5a2f3489ce8a640c1328ac19b7f01226f1ad955798e345f6a23e849d1fac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /media/image/37/7a/20/8872b_600x600.jpg
pragma: no-cache
cookie: x-ua-device=desktop; _fbp=fb.1.1632239335187.2030148518
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
last-modified: Thu, 03 Oct 2019 05:24:28 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 88153
expires: Thu, 21 Oct 2021 15:48:55 GMT

GET
H2 200 1994_600x600.jpg
www.gluecksmariechen.de/media/image/dd/22/02/ 55 KB
55 KB 45ms
44ms Image
image/jpeg 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/media/image/dd/22/02/1994_600x600.jpg

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

1c739558177b548663156571cebc07b72cfd4a8fa931b53f7f3aa3fc896b536b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /media/image/dd/22/02/1994_600x600.jpg
pragma: no-cache
cookie: x-ua-device=desktop; _fbp=fb.1.1632239335187.2030148518
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
last-modified: Sat, 17 Oct 2020 05:11:35 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 56125
expires: Thu, 21 Oct 2021 15:48:55 GMT

GET
H2 200 8997VQDogYop4VGYA_600x600.jpg
www.gluecksmariechen.de/media/image/e6/b9/de/ 78 KB
78 KB 33ms
32ms Image
image/jpeg 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/media/image/e6/b9/de/8997VQDogYop4VGYA_600x600.jpg

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

ceeaaa56a85035aafb45d1500948a8f5aa55cb3e7e9b162b71f85d5ef30f337c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /media/image/e6/b9/de/8997VQDogYop4VGYA_600x600.jpg
pragma: no-cache
cookie: x-ua-device=desktop; _fbp=fb.1.1632239335187.2030148518
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
last-modified: Fri, 20 Mar 2020 10:45:55 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 79746
expires: Thu, 21 Oct 2021 15:48:55 GMT

GET
H2 200 il_570xN-1611269251_918u_600x600.jpg
www.gluecksmariechen.de/media/image/e1/9b/78/ 69 KB
69 KB 46ms
45ms Image
image/jpeg 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/media/image/e1/9b/78/il_570xN-1611269251_918u_600x600.jpg

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

d45355b01a63ec579a73e61d47ff9a45d124bab9267b943862af61f6f2815fbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /media/image/e1/9b/78/il_570xN-1611269251_918u_600x600.jpg
pragma: no-cache
cookie: x-ua-device=desktop; _fbp=fb.1.1632239335187.2030148518
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
last-modified: Wed, 21 Nov 2018 17:14:56 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 70464
expires: Thu, 21 Oct 2021 15:48:55 GMT

GET
H2 200 4994doy0sS4m34BkzK_600x600.jpg
www.gluecksmariechen.de/media/image/26/64/4d/ 112 KB
112 KB 34ms
33ms Image
image/jpeg 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/media/image/26/64/4d/4994doy0sS4m34BkzK_600x600.jpg

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

c4d07c5ec5e353b6c874d8ceed7dbc080cefcf0a0aa22cfebf0bd52b5c56f489

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /media/image/26/64/4d/4994doy0sS4m34BkzK_600x600.jpg
pragma: no-cache
cookie: x-ua-device=desktop; _fbp=fb.1.1632239335187.2030148518
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
last-modified: Mon, 17 Jun 2019 04:31:40 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 114963
expires: Thu, 21 Oct 2021 15:48:55 GMT

GET
H2 200 56806453_1866878806750842_6387263122507300864_o_600x600.jpg
www.gluecksmariechen.de/media/image/61/db/51/ 60 KB
60 KB 33ms
32ms Image
image/jpeg 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gluecksmariechen.de/media/image/61/db/51/56806453_1866878806750842_6387263122507300864_o_600x600.jpg

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /

Resource Hash

31b0bba96c0c8a82466035f9841b5f7c72f7e023bff0ea755e3238be0b89bf6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

:path: /media/image/61/db/51/56806453_1866878806750842_6387263122507300864_o_600x600.jpg
pragma: no-cache
cookie: x-ua-device=desktop; _fbp=fb.1.1632239335187.2030148518
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gluecksmariechen.de
referer: https://www.gluecksmariechen.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
last-modified: Sat, 20 Apr 2019 12:19:34 GMT
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000,private,no-transform, public
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 61458
expires: Thu, 21 Oct 2021 15:48:55 GMT

GET
H2 200 matomo.php
analytics.jupiter.martiniwerbeagentur.de/ 43 B
157 B 71ms
71ms Image
image/gif 83.138.87.169
HOSTNET-DE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.jupiter.martiniwerbeagentur.de/matomo.php?action_name=Gl%C3%BCcksmariechen&idsite=1&rec=1&r=165821&h=15&m=48&s=55&url=https%3A%2F%2Fwww.gluecksmariechen.de%2F&_id=2dbb75a638526ba5&_idts=1632239335&_idvc=1&_idn=0&_refts=0&_viewts=1632239335&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=53&pv_id=qP8U9r

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

83.138.87.169 , Germany, ASN34895 (HOSTNET-DE-AS, DE),

Reverse DNS

zuyale.han-solo.net

Software

Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 / PHP/7.1.31

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
content-encoding: gzip
server: Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
x-powered-by: PHP/7.1.31
vary: Accept-Encoding,User-Agent
content-type: image/gif
cache-control: no-store, max-age=0,private,no-store,no-cache,must-revalidate
strict-transport-security: max-age=15768000

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=516234835578825&ev=Microdata&dl=https%3A%2F%2Fwww.gluecksmariechen.de%2F&rl=&if=false&ts=1632239335692&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Gl%C3%BCcksmariechen%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22Gl%C3%BCcksmariechen%22%2C%22og%3Atitle%22%3A%22Gl%C3%BCcksmariechen%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.gluecksmariechen.de%2Fmedia%2Fimage%2F98%2F92%2F2c%2FGluecksmariechen_Kdg.png%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A1200%2C%22w%22%3A1600%7D%2C%22properties%22%3A%7B%22copyrightHolder%22%3A%22Gl%C3%BCcksmariechen%22%2C%22copyrightYear%22%3A%222014%22%2C%22isFamilyFriendly%22%3A%22True%22%2C%22image%22%3A%22https%3A%2F%2Fwww.gluecksmariechen.de%2Fmedia%2Fimage%2F98%2F92%2F2c%2FGluecksmariechen_Kdg.png%22%2C%22name%22%3A%22Gl%C3%BCcksmariechen%22%7D%2C%22subscopes%22%3A%5B%7B%22dimensions%22%3A%7B%22h%22%3A57%2C%22w%22%3A1260%7D%2C%22properties%22%3A%7B%22url%22%3A%22https%3A%2F%2Fwww.gluecksmariechen.de%2Fmarken%2F%22%2C%22name%22%3A%22Marken%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FSiteNavigationElement%22%7D%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FWebPage%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1632239335187.2030148518&it=1632239335010&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gluecksmariechen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 21 Sep 2021 15:48:55 GMT

POST
H2 200 csp
www.paypal.com/csplog/api/log/ Frame 1B56 2 B
1 KB 219ms
218ms Other
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/csplog/api/log/csp

Requested by

Host: www.gluecksmariechen.de
URL: https://www.gluecksmariechen.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-6zwGqaAFPED27oki/hFNDWuChiZDBl1A4J0sgYaGl0DEiJfI' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src https://.paypal.com https://.paypalobjects.com; object-src 'none'; font-src 'self' https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.paypal.com/credit-presentment/smart/message?currency=EUR&amount=0&style=%7B%22layout%22%3A%22flex%22%2C%22color%22%3A%22blue%22%2C%22ratio%22%3A%221x1%22%2C%22logo%22%3A%7B%22type%22%3A%22primary%22%7D%2C%22text%22%3A%7B%22color%22%3A%22black%22%7D%7D&client_id=Ac5rNCVocwpIwp9dagau1Vis2WGsCPeh-g1D1Nhoj65Yijb6KOLHeGljTG3uuy5ajRYP6XFq_8N2Md8G&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWM1ck5DVm9jd3BJd3A5ZGFnYXUxVmlzMldHc0NQZWgtZzFEMU5ob2o2NVlpamI2S09MSGVHbGpURzN1dXk1YWpSWVA2WEZxXzhOMk1kOEcmY29tcG9uZW50cz1tZXNzYWdlcyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2V6cm9naWlzeW9tcXVmbm1rcmR6amlxa3FsZmh4ZSJ9fQ&env=production&version=1.26.2&deviceID=uid_14ecfa46bd_mtu6ndg6ntu&sessionID=uid_622a9b1c73_mtu6ndg6ntu&scriptUID=uid_ezrogiisyomqufnmkrdzjiqkqlfhxe&features=no-common
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-6zwGqaAFPED27oki/hFNDWuChiZDBl1A4J0sgYaGl0DEiJfI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f587051e71333
dc: phx-origin-www-1.paypal.com
vary: Accept-Encoding
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-served-by: cache-hhn4033-HHN
x-timer: S1632239337.535805,VS0,VE211
x-frame-options: SAMEORIGIN
date: Tue, 21 Sep 2021 15:48:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: none
x-cache-hits: 0

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 1B56 237 KB
71 KB 12ms
12ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=Ac5rNCVocwpIwp9dagau1Vis2WGsCPeh-g1D1Nhoj65Yijb6KOLHeGljTG3uuy5ajRYP6XFq_8N2Md8G&components=messages

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/smart/message?currency=EUR&amount=0&style=%7B%22layout%22%3A%22flex%22%2C%22color%22%3A%22blue%22%2C%22ratio%22%3A%221x1%22%2C%22logo%22%3A%7B%22type%22%3A%22primary%22%7D%2C%22text%22%3A%7B%22color%22%3A%22black%22%7D%7D&client_id=Ac5rNCVocwpIwp9dagau1Vis2WGsCPeh-g1D1Nhoj65Yijb6KOLHeGljTG3uuy5ajRYP6XFq_8N2Md8G&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWM1ck5DVm9jd3BJd3A5ZGFnYXUxVmlzMldHc0NQZWgtZzFEMU5ob2o2NVlpamI2S09MSGVHbGpURzN1dXk1YWpSWVA2WEZxXzhOMk1kOEcmY29tcG9uZW50cz1tZXNzYWdlcyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2V6cm9naWlzeW9tcXVmbm1rcmR6amlxa3FsZmh4ZSJ9fQ&env=production&version=1.26.2&deviceID=uid_14ecfa46bd_mtu6ndg6ntu&sessionID=uid_622a9b1c73_mtu6ndg6ntu&scriptUID=uid_ezrogiisyomqufnmkrdzjiqkqlfhxe&features=no-common

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1f3ed7c803cd47a3c52952c4b3a59a020d75c9ecb2b4b6f0f9083e87ed8e60d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-9Nh6pXeTOdA26ICfdBDWUPzcVXIp11nJEo8HtW+sKBBcKuEA' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-9Nh6pXeTOdA26ICfdBDWUPzcVXIp11nJEo8HtW+sKBBcKuEA' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/credit-presentment/smart/message?currency=EUR&amount=0&style=%7B%22layout%22%3A%22flex%22%2C%22color%22%3A%22blue%22%2C%22ratio%22%3A%221x1%22%2C%22logo%22%3A%7B%22type%22%3A%22primary%22%7D%2C%22text%22%3A%7B%22color%22%3A%22black%22%7D%7D&client_id=Ac5rNCVocwpIwp9dagau1Vis2WGsCPeh-g1D1Nhoj65Yijb6KOLHeGljTG3uuy5ajRYP6XFq_8N2Md8G&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWM1ck5DVm9jd3BJd3A5ZGFnYXUxVmlzMldHc0NQZWgtZzFEMU5ob2o2NVlpamI2S09MSGVHbGpURzN1dXk1YWpSWVA2WEZxXzhOMk1kOEcmY29tcG9uZW50cz1tZXNzYWdlcyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2V6cm9naWlzeW9tcXVmbm1rcmR6amlxa3FsZmh4ZSJ9fQ&env=production&version=1.26.2&deviceID=uid_14ecfa46bd_mtu6ndg6ntu&sessionID=uid_622a9b1c73_mtu6ndg6ntu&scriptUID=uid_ezrogiisyomqufnmkrdzjiqkqlfhxe&features=no-common
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-9Nh6pXeTOdA26ICfdBDWUPzcVXIp11nJEo8HtW+sKBBcKuEA' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-9Nh6pXeTOdA26ICfdBDWUPzcVXIp11nJEo8HtW+sKBBcKuEA' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 5
via: 1.1 varnish
x-cache: HIT
p3p: true
paypal-debug-id: f3941071c28f7
dc: phx-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 71312
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4033-HHN
x-timer: S1632239337.040894,VS0,VE2
x-frame-options: SAMEORIGIN
date: Tue, 21 Sep 2021 15:48:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 21 Sep 2021 16:48:51 GMT
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"11690-LJjtQvvm88yEVhnKnds0aVlJTck"
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 smart-credit-message@1.26.2.js Show response
www.paypalobjects.com/upstream/bizcomponents/js/versioned/ Frame 1B56 56 KB
19 KB 68ms
7ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/upstream/bizcomponents/js/versioned/smart-credit-message@1.26.2.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

35f2ea4297523f55912072e96a30bc550042bcd2851f2feef47ff938711331dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:48:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 17c5b22eb9abb
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 18610
x-served-by: cache-sjc10028-SJC, cache-hhn4061-HHN
last-modified: Wed, 25 Aug 2021 15:40:14 GMT
x-timer: S1632239337.099094,VS0,VE0
etag: W/"6126645e-e053"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 50061, 72

GET
DATA 200
OK truncated
/ Frame 1B56 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c84e1ed197438fffecc2c6fbe3e7e4fd8f060af2236f3a50e2e16c891c82cf16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1B56 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 1B56 892 B
1 KB 168ms
167ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Ac5rNCVocwpIwp9dagau1Vis2WGsCPeh-g1D1Nhoj65Yijb6KOLHeGljTG3uuy5ajRYP6XFq_8N2Md8G&components=messages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

96c4f4648b224b00b5d3cde8dd7a2b35869a329a1b0fed6f250cabad0e12d1c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/credit-presentment/smart/message?currency=EUR&amount=0&style=%7B%22layout%22%3A%22flex%22%2C%22color%22%3A%22blue%22%2C%22ratio%22%3A%221x1%22%2C%22logo%22%3A%7B%22type%22%3A%22primary%22%7D%2C%22text%22%3A%7B%22color%22%3A%22black%22%7D%7D&client_id=Ac5rNCVocwpIwp9dagau1Vis2WGsCPeh-g1D1Nhoj65Yijb6KOLHeGljTG3uuy5ajRYP6XFq_8N2Md8G&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWM1ck5DVm9jd3BJd3A5ZGFnYXUxVmlzMldHc0NQZWgtZzFEMU5ob2o2NVlpamI2S09MSGVHbGpURzN1dXk1YWpSWVA2WEZxXzhOMk1kOEcmY29tcG9uZW50cz1tZXNzYWdlcyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2V6cm9naWlzeW9tcXVmbm1rcmR6amlxa3FsZmh4ZSJ9fQ&env=production&version=1.26.2&deviceID=uid_14ecfa46bd_mtu6ndg6ntu&sessionID=uid_622a9b1c73_mtu6ndg6ntu&scriptUID=uid_ezrogiisyomqufnmkrdzjiqkqlfhxe&features=no-common
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

date: Tue, 21 Sep 2021 15:48:57 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f5870510c78c0
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4033-HHN
x-timer: S1632239337.180944,VS0,VE156
etag: W/"37c-4aTlc9X1+e/jTjTxj4MhtHfEHDQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 856 B
1 KB 168ms
168ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Ac5rNCVocwpIwp9dagau1Vis2WGsCPeh-g1D1Nhoj65Yijb6KOLHeGljTG3uuy5ajRYP6XFq_8N2Md8G&components=messages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d5f2e6b6907dba5f70488dc18c54b34587ac69353bdc7bff9a7846104c07cb2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.gluecksmariechen.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

date: Tue, 21 Sep 2021 15:48:57 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f5870516d97e3
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: phx-origin-www-3.paypal.com
x-served-by: cache-hhn4071-HHN
x-timer: S1632239337.367642,VS0,VE161
etag: W/"358-C3f2HYH417TKMgxpSrDNlK/EHqs"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gluecksmariechen.de
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 184ms
169ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gluecksmariechen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.gluecksmariechen.de
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f587051786706
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
date: Tue, 21 Sep 2021 15:48:57 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4071-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1632239337.197777,VS0,VE161
content-encoding: br
vary: accept-encoding

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fonts.net/	1970-01-19 21:24:01	Name: __cf_bm Value: 5tSDgYnvr5gs3Mmyq_OYMgKr1cXGmvn6XOy0k8933Fc-1632239335-0-AV5O6uKnDHOuyuf0AcdGFEMQd31HrCpL987WKXozHxa9NNhXqBiqhDsfMfHRvIM9uOnL9C2gsHHhkV0nV90omE0=
www.gluecksmariechen.de/	1969-12-31 23:59:59	Name: x-ua-device Value: desktop
.gluecksmariechen.de/	1970-01-19 23:33:35	Name: _fbp Value: fb.1.1632239335187.2030148518
www.gluecksmariechen.de/	1970-01-20 06:49:54	Name: _pk_id.1.5c09 Value: 2dbb75a638526ba5.1632239335.1.1632239335.1632239335.
www.gluecksmariechen.de/	1970-01-19 21:24:01	Name: _pk_ses.1.5c09 Value: 1
www.gluecksmariechen.de/	1969-12-31 23:59:59	Name: session-1 Value: 76cafc6ad60377048b04a313108ab702faa954789162a8770ddbd63ef3dd43e5
www.gluecksmariechen.de/	1969-12-31 23:59:59	Name: __csrf_token-1 Value: WF6YrgxCRDR4BLUYYn38QKaUw3sUQk
.paypal.com/	1970-01-19 21:24:30	Name: LANG Value: de_DE%3BDE
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3Ay3VgG_NQvqxTCdukbJpbv8Cuf3XEe2uo.T1bmIHmrA0l4MteYrC4wXDhIkTZUpi%2FMginSFELB4nU
.paypal.com/	1970-01-19 21:24:01	Name: l7_az Value: dcg15.slc
.paypal.com/	1970-01-20 23:40:47	Name: ts_c Value: vr%3D090bb75b17c0ad0058664002ff5be9ef%26vt%3D090bb75b17c0ad0058664002ff5be9ee
.paypal.com/	1970-01-20 06:09:35	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTYzMjIzOTMzNjY1NyIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-19 21:28:18	Name: tsrce Value: cspreportnodeweb
.paypal.com/	1970-01-20 23:40:47	Name: ts Value: vreXpYrS%3D1726933737%26vteXpYrS%3D1632241137%26vr%3D090bb75b17c0ad0058664002ff5be9ef%26vt%3D090bb75b17c0ad0058664002ff5be9ee%26vtyp%3Dnew

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.jupiter.martiniwerbeagentur.de
connect.facebook.net
fast.fonts.net
t.paypal.com
www.facebook.com
www.gluecksmariechen.de
www.gluecksmariechen.jupiter.martiniwerbeagentur.de
www.paypal.com
www.paypalobjects.com
151.101.1.21
151.101.193.35
151.101.66.133
2606:4700::6811:e04e
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
83.138.87.169
0208db1143277f1f2da3ca9c1e7199a4271d76aa19bb9911cf46b1c479eac920
09aa77a2bf27c56ca75bc8e43f2fd38fa75fcd13742ceadbed7eef67e3a2e707
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c739558177b548663156571cebc07b72cfd4a8fa931b53f7f3aa3fc896b536b
1da9e1261f314654e82eaec9814332428d806317e14d23d57dcb35c1329c6a27
1f3ed7c803cd47a3c52952c4b3a59a020d75c9ecb2b4b6f0f9083e87ed8e60d9
23e7a74710172e44ffeb97e3fc6fdea9ea9000c5e374171c2cbe46840735413a
2da97418251121ad5b28c6e206316578aae360d47dea2262c90478536624d910
31b0bba96c0c8a82466035f9841b5f7c72f7e023bff0ea755e3238be0b89bf6e
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
3453d26ffe7d7406d0e38dfd36c6022ff5d7221a52768cf2becf8b0b7f58e6e6
35f2ea4297523f55912072e96a30bc550042bcd2851f2feef47ff938711331dd
386aa8da6da7a2e344e4011774a68ca0d7aa86366b650d7a9ccf04a86f8d87b0
3f2a2f05feb9ed38c8889ede47bd28f36014c40b5aa1573b1f1d9302eb18ed5e
3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2
412f00fa49db989c5bd341f19b9e579ed81d553276b8568bcd6587dbaa00019b
43095622c4eab8bbf928b906f6ba388ad5f4ba44e2c69bf38b79a1abf3f38b35
440d966c11f5a4e93b9360171a9c41c6182cb9392688ea9a327cae1e2eda98de
442035f71c10d96bf7fa6efe89aca7705495cfc40909bb70ad22fc4a9c091781
48adf2f49a920e0ba5c4c6e724ba6da441df3c821a4efe17ca88472adde6b55b
48af400eb56bb6ee768061120a44e3eaf210c2fdf85917d2d3d52668e61a71d8
4b10d6e34143eb353e7c684e880a07261c98b733312cdbcfae3f5673e4925308
52f7bff0ccdd80dc36d123955c81195ea7173af8eb7c5be8a863e8e0ecfd5954
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5624a038e05670936a4bb21b24da96b0e118f3d1051a54ccc13eaa60224f837c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56c6c8b9cec0434f52f196f22d6fe317022f04b7a79b059e2a17f72464a15b7c
5704afe339f3fc25f928e823892c9d94cfa82a525bd9713c8b82a3eb065b7826
5a5904c9ed184c4c7f508649949b84002ebf0e1c9c6dee75acaa45784fb4d3cd
5f979d38db9d96ed25071981a9c1fa9e7b79620cb9671ff35a2a4c5de3bf8e1e
60f4ed80d5c6b8c962b0168726e0dbf4afc24eb41875745d893452fbab2a5874
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7f60d88f170b8a88f2183a574e0ba0936bf3fa29c86449ab63d8a0170f6235a9
85c3543244d4929f7000ee89e8b158d7d2c2a3ee331daf71017ebc6173787bf7
9075938714c1f1e857481737c35db2f4e647728924b359e59ab3212cf9601c11
96c4f4648b224b00b5d3cde8dd7a2b35869a329a1b0fed6f250cabad0e12d1c8
9819ba7dda127bfc9dd442cdecd7852d37e4144e051841ebac48b1095cb5f5eb
9cbd121594910dd0df82e0a0f487dd4ab205d63fa812709390bc2c5b59944b0f
aa49bd91c1b89e0ddb37ebbeb7e266a73ec6d0493c82a3a84c8fbb3fb5b01df1
ab74b9a7d254ce50f5ada551b0f162cec81d913c5f9aee62382a82373b1f4813
c3093da26423f3aa6062d4a41620ccc264c18a6321f7b01a37d00803a22498f1
c4d07c5ec5e353b6c874d8ceed7dbc080cefcf0a0aa22cfebf0bd52b5c56f489
c84e1ed197438fffecc2c6fbe3e7e4fd8f060af2236f3a50e2e16c891c82cf16
cae8d1695fda2685a4f1386db6153d5d41093d3fcfaa3eac62a8c5f6290def33
cde9a667dd95875494c33268884bc124b6e8baa1b5f2c909049274167f789e33
ceeaaa56a85035aafb45d1500948a8f5aa55cb3e7e9b162b71f85d5ef30f337c
d0b759fb5dba2cf85a2a7ece135b95b8171da64e1bf79b99d92956c853a6527e
d0f069f675baee25e0dd12590350561f9ed23a605712acb19699ea74f36e7dff
d45355b01a63ec579a73e61d47ff9a45d124bab9267b943862af61f6f2815fbf
d5f2e6b6907dba5f70488dc18c54b34587ac69353bdc7bff9a7846104c07cb2d
d6c6a3662e71a3f575cadaf3bc45bbe43ad40cf811a75ab8166344a428142b04
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41b5a2f3489ce8a640c1328ac19b7f01226f1ad955798e345f6a23e849d1fac
ecc9487d5831c66cefcd54fd0b5b881f8c0b7973a52d00c47e90af35d4a55225

www.gluecksmariechen.de Open in urlscan Pro 83.138.87.169 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

100 %HTTPS

43 %IPv6

7 Domains

9 Subdomains

8 IPs

2 Countries

2728 kBTransfer

4267 kBSize

15 Cookies

2 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gluecksmariechen.de Open in urlscan Pro
83.138.87.169 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

2728 kB
Transfer

4267 kB
Size

15
Cookies

57 HTTP transactions
2 data transactions